Re: DNS resolution order with multihomed host
- From: "Kevin D. Goodknecht Sr. [MVP]" <admin@xxxxxxxxxxxxxx>
- Date: Thu, 29 Dec 2005 08:33:15 -0600
DanielP <dpradoSIN@xxxxxxxxxxxxxx> wrote:
> Hello Kevin,
>
> The reason why we want this dns names to be resolved always in
> the same order is that we have two data connections with our
> remote datacenter: one through frame relay and one through Internet,
> and we have to be connected pemanently with 2 machines there.
>
> This machines have 2 IPs: one private through frame relay and one
> public through Internet.
>
> We want to access them with the private IP (10.x.x.x) through the
> frame relay while it si possible. But if the frame relay fails we
> want to access them
> with the public IP (194.x.x.x) through Internet.
>
> So, as you can see, we want to have two IPs on these machines as a
> fault tolerant mechanism. If the first IP isn't reachable our system
> uses the second.
I'm not sure what applications you are using to connect to the other server,
but most simply won't use a failover address, which ever IP is the first in
the list will be used, if the connection fails, most applications won't even
try the second address. (An SMTP server with multiple MX records are one
exception to this)
> ¿What do you think about our topology?
Depending on what ports you need open to connect via its public IP, you may
need to rethink trying to connect via the public address. Some applications
should never be exposed to the internet. Would a VPN work in your situation?
By using a VPN, only one port is open through the firewall and all
connections through PPTP are by private addresses and are encrypted. If
Active Directory is involved you certainly shouldn't expose a DC to a direct
internet connection without a firewall, there are at least 16 ports that
need to be open for Active Directory.
Q179442 - How to Configure a Firewall for Domains and Trusts:
http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q179442
--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
https://secure.lsaol.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================
.
- Follow-Ups:
- Re: DNS resolution order with multihomed host
- From: DanielP
- Re: DNS resolution order with multihomed host
- References:
- DNS resolution order with multihomed host
- From: DanielP
- Re: DNS resolution order with multihomed host
- From: Kevin D. Goodknecht Sr. [MVP]
- Re: DNS resolution order with multihomed host
- From: DanielP
- Re: DNS resolution order with multihomed host
- From: Kevin D. Goodknecht Sr. [MVP]
- Re: DNS resolution order with multihomed host
- From: DanielP
- DNS resolution order with multihomed host
- Prev by Date: Re: Windows 2003 DNS: Recursive query fails when looking its own d
- Next by Date: Re: Windows 2003 DNS: Recursive query fails when looking its own d
- Previous by thread: Re: DNS resolution order with multihomed host
- Next by thread: Re: DNS resolution order with multihomed host
- Index(es):
Relevant Pages
|
Loading
